Cross site scripting

2007-06-1223:30:00

PRIOn knowledge base

www.prio-n.com

6.1 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.9%

JSON

Cross-site scripting (XSS) vulnerability in the rich text editor in Webwiz allows remote attackers to inject arbitrary web script or HTML via URL-encoded HTML composed of a frameset in which a frame has a SRC attribute pointing to a JavaScript document.

CPENameOperatorVersion
web_wiz_rich_text_editoreq3.1

CPE	Name	Operator	Version
	web_wiz_rich_text_editor	eq	3.1

References

osvdb.org/37330

securityreason.com/securityalert/2792

www.securityfocus.com/archive/1/471050/100/0/threaded

www.securityfocus.com/bid/24419